AWS Import/Export Jobs

Job

You create an AWS Import/Export job in two steps. First, you submit a job request
to AWS. Each AWS Import/Export job corresponds to exactly one storage device. You
submit your job request by using the AWS Import/Export command line tool, which
requires no programming. If your application requires a programmatic interface, you
can use the AWS SDK or the REST API. Second, you send your storage device to AWS. We
use our high bandwidth network to import your data into AWS or export data from AWS
to your storage device, then return your device.

You must submit a separate job request for each device.

Note

You can send multiple devices in the same shipment. If you do, however, there are specific guidelines and limitations that govern what devices you can ship and how your devices must be packaged. If your shipment is not prepared and packed correctly, AWS Import/Export cannot process your jobs. Regardless of how many devices you ship at one time, you must submit a separate job request for each device. For complete details about packaging requirements when shipping multiple devices, see Shipping Multiple Devices.

Encryption

Hardware-based device encryption that uses a physical PIN pad for
access to the data.

TrueCrypt software encryption

Disk encryption using TrueCrypt, which is an open-source
encryption application.

AWS Import/Export requires encryption with all export jobs. For export jobs, you
can use either hardware encryption or software encryption. Optionally, you can use
both methods.

We strongly recommend encrypting your data for all import jobs.

For import to Amazon S3, AWS supports device-level encryption using PIN-code encryption
or TrueCrypt software encryption, or both. If you prefer, you can encrypt the file
objects on your device using any software encryption you choose. AWS must be able to
list the objects on your device without having to decrypt the device, but we do not
decrypt the objects.

For import to Amazon Glacier or Amazon EBS, AWS supports device-level encryption using PIN-code
encryption or software encryption of your choice, or both. AWS does not decrypt
software-encrypted devices when importing to Amazon Glacier or Amazon EBS; rather we import a
direct copy of the complete device.

When you create an import or export job, you must provide the PIN code or password
for the encryption method you choose. For more information, see Encrypting Your Data.

Job Type

For each job type, the following table summarizes the source of the data, either
your device or an Amazon S3 bucket, where the data will be moved to, and the result
you can expect when the job is complete.

An import to Amazon EBS will have different results
depending on whether the capacity of your storage device is
less than or equal to 1 TB or greater than 1 TB. The maximum
size of an Amazon EBS snapshot is 1 TB, so if the device
image is larger than 1 TB, the image is chunked and stored
on Amazon S3. The target location is determined based on the
total capacity of the device, not the amount of data on the
device.

Source

Target

Result

Entire device (device capacity less than or equal
to 1 TB).

One device per import job.

We recommend encrypting your device.

One Amazon EBS snapshot.

One snapshot per import job.

If you send a PIN-code protected device, AWS will
use the PIN code you provide to access the device.

If your data is encrypted using software
encryption, AWS does not decrypt your data.